Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
File:                     TuwmeuLxv5Xm16FCCA5d96MTlJI.mft (raw, json)
Hash identifier:          rbhbVUs4taQ7fUPT5uTRW2YOoV2MOaBI++br0aXTeuY=
Subject key identifier:   DE:E0:21:EB:7B:09:AD:7B:9D:84:E8:7C:6E:D3:91:66:1D:37:B2:DD
Authority key identifier: 4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92
Certificate issuer:       /CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492
Certificate serial:       0199221F1F23764A924C5C9B67FC1040CFEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
Manifest number:          0B54
Signing time:             Sun 07 Sep 2025 03:01:28 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:28 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:28 +0000
Files and hashes:         1: TuwmeuLxv5Xm16FCCA5d96MTlJI.crl (hash: fyd9MLWUTt+U+h8a7lBZCOZzcrSSzHzCPInYDYDosV0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1f:1f:23:76:4a:92:4c:5c:9b:67:fc:10:40:cf:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492
        Validity
            Not Before: Sep  7 03:01:28 2025 GMT
            Not After : Sep  8 03:01:28 2025 GMT
        Subject: CN=dee021eb7b09ad7b9d84e87c6ed391661d37b2dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:16:b9:c0:4a:86:4d:00:d7:aa:57:a4:03:26:
                    a0:d8:58:6b:37:31:0c:bf:4d:e3:ab:4b:55:18:68:
                    b0:28:ab:a3:97:2c:4b:5f:bd:91:66:43:f6:d3:6c:
                    ed:14:3c:fd:5d:14:07:67:a6:07:6b:cc:ae:d2:de:
                    34:91:0f:14:de:a8:f4:96:f6:90:f6:11:c8:d0:bd:
                    49:24:ef:ef:d4:e1:00:b6:33:05:9c:53:40:6a:6e:
                    b6:ff:e2:03:07:68:ac:5e:93:22:37:62:8b:f7:07:
                    ef:59:8c:aa:b5:8b:af:da:1a:6c:9d:0e:5d:12:8f:
                    f2:ee:71:5a:60:b6:9b:96:60:ab:c7:7c:cb:20:0d:
                    4f:c4:70:4e:51:72:64:7d:c4:ff:65:9f:3a:db:98:
                    1e:7a:30:fa:9e:ed:cf:7a:85:f7:a5:69:3a:86:81:
                    a0:39:2b:a1:1d:05:6a:a8:a4:65:04:54:18:b9:3c:
                    39:f0:05:04:71:73:94:2a:a7:e3:d2:fd:47:27:1f:
                    bb:50:82:be:c2:eb:05:df:b9:7d:10:ce:52:03:31:
                    8f:2d:e1:ec:3a:fd:37:32:33:7d:19:80:5b:44:51:
                    c5:48:d8:13:8e:e6:71:7d:0d:46:4f:8e:8b:91:a9:
                    97:ce:bb:31:c1:dd:eb:6e:07:89:2c:09:2c:6b:49:
                    85:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:E0:21:EB:7B:09:AD:7B:9D:84:E8:7C:6E:D3:91:66:1D:37:B2:DD
            X509v3 Authority Key Identifier:
                keyid:4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:42:7e:85:04:04:e1:cb:f9:4d:9b:d5:f4:20:2c:cd:5b:c1:
         ed:f8:16:46:7e:f9:2a:6a:d9:51:00:ad:e2:c5:e6:4f:98:81:
         eb:8b:f6:7e:00:e1:d5:0e:9c:0b:70:02:b9:7e:ac:47:31:6f:
         a4:09:29:2a:8e:c8:29:9d:62:54:27:c1:87:0b:4c:d7:f5:ac:
         b0:10:78:97:9f:fb:6d:0b:ea:9e:7c:c7:fc:cb:5f:bb:19:9c:
         ad:3b:1e:3b:37:22:0b:83:d9:37:09:f5:05:b9:d3:9c:85:49:
         31:62:96:65:7a:b7:03:f2:66:88:1f:6f:9f:e0:be:d6:ef:d7:
         54:29:d5:18:44:19:ad:f3:2c:5d:48:43:e9:27:ed:61:f2:28:
         6b:72:22:ca:40:f0:df:7b:38:cd:25:38:10:ad:02:fe:85:8a:
         f4:4a:78:aa:d2:af:8b:5c:e7:31:5c:7d:17:f2:0d:a8:85:3f:
         6e:90:c0:94:f4:1b:e5:2a:34:a8:80:10:b0:1c:27:58:9f:25:
         5f:90:4d:b5:2b:0b:e6:96:3a:b4:e3:a9:bd:6f:4f:5e:87:52:
         e3:96:95:d9:e5:c8:81:09:99:17:cb:1e:11:9c:cc:fe:41:dc:
         d4:b0:38:86:87:0a:90:87:d6:00:c5:9e:da:a9:2f:79:5e:85:
         8f:2f:03:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHx8jdkqSTFybZ/wQQM/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWMyNjdhZTJmMWJmOTVlNmQ3YTE0MjA4MGU1ZGY3YTMx
Mzk0OTIwHhcNMjUwOTA3MDMwMTI4WhcNMjUwOTA4MDMwMTI4WjAzMTEwLwYDVQQD
EyhkZWUwMjFlYjdiMDlhZDdiOWQ4NGU4N2M2ZWQzOTE2NjFkMzdiMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBa5wEqGTQDXqlekAyag2FhrNzEM
v03jq0tVGGiwKKujlyxLX72RZkP202ztFDz9XRQHZ6YHa8yu0t40kQ8U3qj0lvaQ
9hHI0L1JJO/v1OEAtjMFnFNAam62/+IDB2isXpMiN2KL9wfvWYyqtYuv2hpsnQ5d
Eo/y7nFaYLablmCrx3zLIA1PxHBOUXJkfcT/ZZ8625geejD6nu3PeoX3pWk6hoGg
OSuhHQVqqKRlBFQYuTw58AUEcXOUKqfj0v1HJx+7UIK+wusF37l9EM5SAzGPLeHs
Ov03MjN9GYBbRFHFSNgTjuZxfQ1GT46LkamXzrsxwd3rbgeJLAksa0mFpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN7gIet7Ca17nYTofG7TkWYdN7LdMB8GA1UdIwQY
MBaAFE7sJnri8b+V5tehQggOXfejE5SSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMt
NmI5NmM4MzYxMjY1LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMtNmI5NmM4MzYxMjY1
LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS0J+hQQE
4cv5TZvV9CAszVvB7fgWRn75KmrZUQCt4sXmT5iB64v2fgDh1Q6cC3ACuX6sRzFv
pAkpKo7IKZ1iVCfBhwtM1/WssBB4l5/7bQvqnnzH/MtfuxmcrTseOzciC4PZNwn1
BbnTnIVJMWKWZXq3A/JmiB9vn+C+1u/XVCnVGEQZrfMsXUhD6SftYfIoa3IiykDw
33s4zSU4EK0C/oWK9Ep4qtKvi1znMVx9F/INqIU/bpDAlPQb5So0qIAQsBwnWJ8l
X5BNtSsL5pY6tOOpvW9PXodS45aV2eXIgQmZF8seEZzM/kHc1LA4hocKkIfWAMWe
2qkveV6Fjy8DGw==
-----END CERTIFICATE-----